13ff230f7SMatthias Grimm<?php 23ff230f7SMatthias Grimm/* 3*a771ad3aSmatthiasgrimm * This is an example configuration for the mysql auth module. 4*a771ad3aSmatthiasgrimm * 5*a771ad3aSmatthiasgrimm * This SQL statements are optimized for following table structure. 6*a771ad3aSmatthiasgrimm * If you use a different one you have to change them accordingly. 7*a771ad3aSmatthiasgrimm * See comments of every statement for details. 8*a771ad3aSmatthiasgrimm * 9*a771ad3aSmatthiasgrimm * TABLE users 10*a771ad3aSmatthiasgrimm * uid login pass firstname lastname email 11*a771ad3aSmatthiasgrimm * 12*a771ad3aSmatthiasgrimm * TABLE groups 13*a771ad3aSmatthiasgrimm * gid name 14*a771ad3aSmatthiasgrimm * 15*a771ad3aSmatthiasgrimm * TABLE usergroup 16*a771ad3aSmatthiasgrimm * uid gid 17*a771ad3aSmatthiasgrimm * 18*a771ad3aSmatthiasgrimm * To use this configuration you have to copy them to local.php 19*a771ad3aSmatthiasgrimm * or at least include this file in local.php. 203ff230f7SMatthias Grimm */ 213ff230f7SMatthias Grimm 22*a771ad3aSmatthiasgrimm/* Options to configure database access. You need to set up this 23*a771ad3aSmatthiasgrimm * options carefully, otherwise you won't be able to access you 24*a771ad3aSmatthiasgrimm * database. 25*a771ad3aSmatthiasgrimm */ 26*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['server'] = ''; 27*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['user'] = ''; 28*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['password'] = ''; 29*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['database'] = ''; 303ff230f7SMatthias Grimm 313ff230f7SMatthias Grimm/* Normally password encryptionis done by DokuWiki (recommended) but for 323ff230f7SMatthias Grimm * some reasons it might be usefull to let the database do the encryption. 333ff230f7SMatthias Grimm * Set 'encryptPass' to '1' and the cleartext password is forwarded to 343ff230f7SMatthias Grimm * the database, otherwise the encrypted one. 353ff230f7SMatthias Grimm */ 363ff230f7SMatthias Grimm$conf['auth']['mysql']['encryptPass'] = 0; 373ff230f7SMatthias Grimm 383ff230f7SMatthias Grimm/* Multiple table operations will be protected by locks. This array tolds 393ff230f7SMatthias Grimm * the module which tables to lock. If you use any aliases for table names 403ff230f7SMatthias Grimm * these array must also contain these aliases. Any unamed alias will cause 41*a771ad3aSmatthiasgrimm * a warning during operation. See the example below. 423ff230f7SMatthias Grimm */ 433ff230f7SMatthias Grimm$conf['auth']['mysql']['TablesToLock']= array("users", "users AS u","groups", "groups AS g", "usergroup", "usergroup AS ug"); 443ff230f7SMatthias Grimm 453ff230f7SMatthias Grimm/* This statement should return the database index of a given user name. 463ff230f7SMatthias Grimm * The module will access the index with the name 'id' so a alias might be 473ff230f7SMatthias Grimm * necessary. 483ff230f7SMatthias Grimm * following patters will be replaced: 49*a771ad3aSmatthiasgrimm * %{user} user name 503ff230f7SMatthias Grimm */ 51*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['getUserID'] = "SELECT uid AS id FROM users WHERE login='%{user}'"; 523ff230f7SMatthias Grimm 533ff230f7SMatthias Grimm/* This statement should return the database index of a given group name. 543ff230f7SMatthias Grimm * The module will access the index with the name 'id' so a alias might be 553ff230f7SMatthias Grimm * necessary. 563ff230f7SMatthias Grimm * following patters will be replaced: 57*a771ad3aSmatthiasgrimm * %{group} group name 583ff230f7SMatthias Grimm */ 59*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['getGroupID'] = "SELECT gid AS id FROM groups WHERE name='%{group}'"; 603ff230f7SMatthias Grimm 613ff230f7SMatthias Grimm/* This statement is used to grant or deny access to the wiki. The result should 623ff230f7SMatthias Grimm * be a table with exact one line containing at least the password of the user. 633ff230f7SMatthias Grimm * If the result table is empty or contains more than one row, access will be denied. 643ff230f7SMatthias Grimm * The module access the password as 'pass' so a alias might be necessary. 653ff230f7SMatthias Grimm * following patters will be replaced: 66*a771ad3aSmatthiasgrimm * %{user} user name 67*a771ad3aSmatthiasgrimm * %{pass} encrypted or clear text password (depends on 'encryptPass') 68*a771ad3aSmatthiasgrimm * %{dgroup} default group name 693ff230f7SMatthias Grimm */ 703ff230f7SMatthias Grimm$conf['auth']['mysql']['checkPass'] = "SELECT pass 713ff230f7SMatthias Grimm FROM usergroup AS ug 723ff230f7SMatthias Grimm JOIN users AS u ON u.uid=ug.uid 733ff230f7SMatthias Grimm JOIN groups AS g ON g.gid=ug.gid 74*a771ad3aSmatthiasgrimm WHERE login='%{user}' 75*a771ad3aSmatthiasgrimm AND name='%{dgroup}'"; 763ff230f7SMatthias Grimm 7775bfc19cSMatthias Grimm/* This statement is used to get all groups a user is member of. The result should 7875bfc19cSMatthias Grimm * be a table containing all groups the given user is member of. The module access 7975bfc19cSMatthias Grimm * the group name as 'group' so a alias might be nessecary. 8075bfc19cSMatthias Grimm * following patters will be replaced: 81*a771ad3aSmatthiasgrimm * %{user} user name 8275bfc19cSMatthias Grimm */ 833ff230f7SMatthias Grimm$conf['auth']['mysql']['getGroups'] = "SELECT name as `group` 843ff230f7SMatthias Grimm FROM groups g, users u, usergroup ug 853ff230f7SMatthias Grimm WHERE u.uid = ug.uid 863ff230f7SMatthias Grimm AND g.gid = ug.gid 87*a771ad3aSmatthiasgrimm AND u.login='%{user}'"; 8875bfc19cSMatthias Grimm 8975bfc19cSMatthias Grimm/* This statement should return a table with exact one row containing information 9075bfc19cSMatthias Grimm * about one user. The field needed are: 9175bfc19cSMatthias Grimm * 'pass' containing the encrypted or clear text password 9275bfc19cSMatthias Grimm * 'name' the user's full name 9375bfc19cSMatthias Grimm * 'mail' the user's email address 9475bfc19cSMatthias Grimm * Keep in mind that Dokuwiki will access thise information through the names 9575bfc19cSMatthias Grimm * listed above so aliasses might be neseccary. 9675bfc19cSMatthias Grimm * following patters will be replaced: 97*a771ad3aSmatthiasgrimm * %{user} user name 9875bfc19cSMatthias Grimm */ 993ff230f7SMatthias Grimm$conf['auth']['mysql']['getUserInfo'] = "SELECT pass, CONCAT(firstname,' ',lastname) AS name, email AS mail 1003ff230f7SMatthias Grimm FROM users 101*a771ad3aSmatthiasgrimm WHERE login='%{user}'"; 10275bfc19cSMatthias Grimm 10375bfc19cSMatthias Grimm/* This statement should return a table containing all user login names that meet 10475bfc19cSMatthias Grimm * certain filter criteria. The filter expressions will be added case dependend by 10575bfc19cSMatthias Grimm * the module. At the end a sort expression will be added. 10675bfc19cSMatthias Grimm * Important is that this list contains no double entries fo a user. Each user 10775bfc19cSMatthias Grimm * name is only allowed once in the table. 10875bfc19cSMatthias Grimm * The login name will be accessed as 'user' to a alias might be neseccary. 10975bfc19cSMatthias Grimm * No patterns will be replaced in this statement but following patters will be 11075bfc19cSMatthias Grimm * replaced in the filter expressions: 111*a771ad3aSmatthiasgrimm * %{user} in FilterLogin user's login name 112*a771ad3aSmatthiasgrimm * %{name} in FilterName user's full name 113*a771ad3aSmatthiasgrimm * %{email} in FilterEmail user's email address 114*a771ad3aSmatthiasgrimm * %{group} in FilterGroup group name 11575bfc19cSMatthias Grimm */ 1163ff230f7SMatthias Grimm$conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT login AS user 1173ff230f7SMatthias Grimm FROM users AS u 1183ff230f7SMatthias Grimm LEFT JOIN usergroup AS ug ON u.uid=ug.uid 1193ff230f7SMatthias Grimm LEFT JOIN groups AS g ON ug.gid=g.gid"; 120*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['FilterLogin'] = "login LIKE '%{user}'"; 121*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['FilterName'] = "CONCAT(firstname,' ',lastname) LIKE '%{name}'"; 122*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['FilterEmail'] = "email LIKE '%{email}'"; 123*a771ad3aSmatthiasgrimm$conf['auth']['mysql']['FilterGroup'] = "name LIKE '%{group}'"; 1243ff230f7SMatthias Grimm$conf['auth']['mysql']['SortOrder'] = "ORDER BY login"; 1253ff230f7SMatthias Grimm 12675bfc19cSMatthias Grimm/* This statement should add a user to the database. Minimum information to 12775bfc19cSMatthias Grimm * store are: login name, password, email address and full name. 12875bfc19cSMatthias Grimm * Following patterns will be replaced: 129*a771ad3aSmatthiasgrimm * %{user} user's login name 130*a771ad3aSmatthiasgrimm * %{pass} password (encrypted or clear text, depends on 'encryptPass') 131*a771ad3aSmatthiasgrimm * %{email} email address 132*a771ad3aSmatthiasgrimm * %{name} user's full name 13375bfc19cSMatthias Grimm */ 1343ff230f7SMatthias Grimm$conf['auth']['mysql']['addUser'] = "INSERT INTO users 1353ff230f7SMatthias Grimm (login, pass, email, firstname, lastname) 136*a771ad3aSmatthiasgrimm VALUES ('%{user}', '%{pass}', '%{email}', 137*a771ad3aSmatthiasgrimm SUBSTRING_INDEX('%{name}',' ', 1), 138*a771ad3aSmatthiasgrimm SUBSTRING_INDEX('%{name}',' ', -1))"; 13975bfc19cSMatthias Grimm 14075bfc19cSMatthias Grimm/* This statement should remove a user fom the database. 14175bfc19cSMatthias Grimm * Following patterns will be replaced: 142*a771ad3aSmatthiasgrimm * %{user} user's login name 143*a771ad3aSmatthiasgrimm * %{uid} id of a user dataset 14475bfc19cSMatthias Grimm */ 1453ff230f7SMatthias Grimm$conf['auth']['mysql']['delUser'] = "DELETE FROM users 146*a771ad3aSmatthiasgrimm WHERE uid='%{uid}'"; 14775bfc19cSMatthias Grimm 14875bfc19cSMatthias Grimm/* This statement should add a group to the database. 14975bfc19cSMatthias Grimm * Following patterns will be replaced: 150*a771ad3aSmatthiasgrimm * %{group} group name 15175bfc19cSMatthias Grimm */ 1523ff230f7SMatthias Grimm$conf['auth']['mysql']['addGroup'] = "INSERT INTO groups (name) 153*a771ad3aSmatthiasgrimm VALUES ('%{group}')"; 15475bfc19cSMatthias Grimm 15575bfc19cSMatthias Grimm/* This statement should remove a group fom the database. 15675bfc19cSMatthias Grimm * Following patterns will be replaced: 157*a771ad3aSmatthiasgrimm * %{group} group name 158*a771ad3aSmatthiasgrimm * %{gid} id of a group dataset 15975bfc19cSMatthias Grimm */ 1603ff230f7SMatthias Grimm$conf['auth']['mysql']['delGroup'] = "DELETE FROM groups 161*a771ad3aSmatthiasgrimm WHERE gid='%{gid}'"; 16275bfc19cSMatthias Grimm 16375bfc19cSMatthias Grimm/* This statement should connect a user to a group (a user become member 16475bfc19cSMatthias Grimm * of that group). 16575bfc19cSMatthias Grimm * Following patterns will be replaced: 166*a771ad3aSmatthiasgrimm * %{user} user's login name 167*a771ad3aSmatthiasgrimm * %{uid} id of a user dataset 168*a771ad3aSmatthiasgrimm * %{group} group name 169*a771ad3aSmatthiasgrimm * %{gid} id of a group dataset 17075bfc19cSMatthias Grimm */ 1713ff230f7SMatthias Grimm$conf['auth']['mysql']['addUserGroup']= "INSERT INTO usergroup (uid, gid) 172*a771ad3aSmatthiasgrimm VALUES ('%{uid}', '%{gid}')"; 17375bfc19cSMatthias Grimm 17475bfc19cSMatthias Grimm/* This statement should remove a single connection from a user to a 17575bfc19cSMatthias Grimm * group (a user quits membership of that group). 17675bfc19cSMatthias Grimm * Following patterns will be replaced: 177*a771ad3aSmatthiasgrimm * %{user} user's login name 178*a771ad3aSmatthiasgrimm * %{uid} id of a user dataset 179*a771ad3aSmatthiasgrimm * %{group} group name 180*a771ad3aSmatthiasgrimm * %{gid} id of a group dataset 18175bfc19cSMatthias Grimm */ 1823ff230f7SMatthias Grimm$conf['auth']['mysql']['delUserGroup']= "DELETE FROM usergroup 183*a771ad3aSmatthiasgrimm WHERE uid='%{uid}' 184*a771ad3aSmatthiasgrimm AND gid='%{gid}'"; 18575bfc19cSMatthias Grimm 18675bfc19cSMatthias Grimm/* This statement should remove all connections from a user to any group 18775bfc19cSMatthias Grimm * (a user quits membership of all groups). 18875bfc19cSMatthias Grimm * Following patterns will be replaced: 189*a771ad3aSmatthiasgrimm * %{uid} id of a user dataset 19075bfc19cSMatthias Grimm */ 1913ff230f7SMatthias Grimm$conf['auth']['mysql']['delUserRefs'] = "DELETE FROM usergroup 192*a771ad3aSmatthiasgrimm WHERE uid='%{uid}'"; 193*a771ad3aSmatthiasgrimm 194